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Remarks 

Applicants have added claim 35 to provide additional protection for the invention in the 
marketplace. Claims 1-35 are currently pending. 
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Appendix 

1 . (Unchanged) An apparatus comprising: 

at least one processor; 

a memory coupled to the at least one processor; 

a first user registry residing in the memory that contains a first user identity for a selected 

user; 

a second user registry residing in the memory that contains a second user identity for the 
selected user; and 

an identity mapping mechanism that provides a mapping between the first user identity 
and the second user identity. 

2. (Unchanged) The apparatus of claim 1 wherein the first user registry comprises a user 
registry in a first processing environment. 

3. (Unchanged) The apparatus of claim 2 wherein the second user registry comprises a user 
registry in a second processing environment that is different than the first processing 
environment. 

4. (Unchanged) The apparatus of claim 1 wherein the identity mapping mechanism 
comprises: 

a directory service that contains a plurality of user identity mappings that correlate the 
first user identity in the first registry to the second user identity in the second registry, and that 
references the first and second user registries; and 

schema for the directory service that specifies relationships between a plurality of entries 
in the directory service, where at least one entry includes the user identity mappings. 

5. (Unchanged) The apparatus of claim 4 wherein the directory service comprises 
Lightweight Directory Access Protocol (LDAP). 
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6. (Unchanged) The apparatus of claim 1 further comprising a global identifier residing in 
the memory that corresponds to the selected user, and wherein the mapping comprises a first 
correlation between the first user identity and the global identifier and a second correlation 
between the second user identity and the global identifier. 

7. (Unchanged) An apparatus comprising: 

at least one processor; 

a memory coupled to the at least one processor; 

a first user registry residing in the memory containing a first plurality of user identities; 
a second user registry residing in the memory containing a second plurality of user 
identities; 

a directory service that contains a plurality of user identity mappings that correlate a first 
user identity in the first user registry to a second user identity in the second user registry, and that 
references the first and second user registries; and 

schema for the directory service that specifies relationships between a plurality of entries 
in the directory service, where at least one entry includes the user identity mappings. 

8. (Unchanged) The apparatus of claim 7 wherein the first user registry comprises a user 
registry in a first processing environment. 

9. (Unchanged) The apparatus of claim 8 wherein the second user registry comprises a user 
registry in a second processing environment that is different than the first processing 
environment. 

10. (Unchanged) The apparatus of claim 7 wherein the directory service comprises 
Lightweight Directory Access Protocol (LDAP). 
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1 1 . (Unchanged) The apparatus of claim 7 further comprising a global identifier residing in 
the memory that corresponds to the selected user, and wherein the mapping comprises a first 
correlation between the first user identity and the global identifier and a second correlation 
between the second user identity and the global identifier. 

12. (Unchanged) A networked computer system comprising: 

a network that interconnects a plurality of computer systems; 

a first computer system coupled to the network that includes a first user registry for a first 
processing environment that contains a first user identity for a selected user; 

a second computer system coupled to the network that includes a second user registry for 
a second processing environment that contains a second user identity for the selected user; and 

a mechanism coupled to the network that provides a mapping between the first user 
identity and the second user identity. 

13. (Unchanged) The networked computer system of claim 12 wherein the first user registry 
comprises a user registry in a first processing environment. 

14. (Unchanged) The networked computer system of claim 13 wherein the second user 
registry comprises a user registry in a second processing environment that is different than the 
first processing environment. 

15. (Unchanged) The networked computer system of claim 12 further comprising a global 
identifier accessible via the network that corresponds to the selected user, and wherein the 
mapping comprises a first correlation between the first user identity and the global identifier and 
a second correlation between the second user identity and the global identifier. 



Docket No.: ROC92000027 1 US 1 
Serial No.: 09/818,064 



5 



16. (Unchanged) A method for managing a plurality of user identities on a plurality of 
computer system coupled to a network, each user identity corresponding to a defined processing 
environment, the method comprising the steps of: 

providing an identity mapping mechanism that provides a mapping between a first user 
identity in a first user registry and a second user identity in a second user registry; and 

invoking the identity mapping mechanism to determine the mapping between the first 
user identity and the second user identity. 

17. (Unchanged) The method of claim 16 wherein the identity mapping mechanism 
comprises: 

a directory service that contains a plurality of user identity mappings that correlate the 
first user identity in the first registry to the second user identity in the second registry, and that 
references the first and second user registries; and 

schema for the directory service that specifies relationships between a plurality of entries 
in the directory service, where at least one entry includes the user identity mappings. 

18. (Unchanged) The method of claim 17 wherein the directory service comprises 
Lightweight Directory Access Protocol (LDAP). 

19. (Unchanged) A method for correlating a plurality of user identities on a plurality of 
computer systems coupled to a network, the method comprising the steps of: 

generating a global identifier corresponding to a user; 

mapping a first user identity in a first user registry to the global identifier; and 

mapping a second user identity in a second user registry to the global identifier. 
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20. (Unchanged) A program product comprising: 

(A) an identity mapping mechanism that provides a mapping between: 

(Al) a first user identity for a selected user residing in a first user registry; and 
(A2) a second user identity for the selected user residing in a second user registry; 

and 

(B) computer-readable signal bearing media bearing the identity mapping mechanism. 

21 . (Unchanged) The program product of claim 20 wherein the signal bearing media 
comprises recordable media. 

22. (Unchanged) The program product of claim 20 wherein the signal bearing media 
comprises transmission media. 

23. (Unchanged) The program product of claim 20 wherein the first user registry comprises 
a user registry in a first processing environment. 

24. (Unchanged) The program product of claim 23 wherein the second user registry 
comprises a user registry in a second processing environment that is different than the first 
processing environment. 

25. (Unchanged) The program product of claim 20 wherein the identity mapping 
mechanism comprises: 

a directory service that contains a plurality of user identity mappings that correlate the 
first user identity in the first registry to the second user identity in the second registry, and that 
references the first and second user registries; and 

schema for the directory service that specifies relationships between a plurality of entries 
in the directory service, where at least one entry includes the user identity mappings. 
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26. (Unchanged) The program product of claim 20 wherein the directory service comprises 
Lightweight Directory Access Protocol (LDAP). 

27. (Unchanged) The program product of claim 20 wherein the identity mapping 
mechanism provides a mapping between the first user identity and the second user identity by 
creating a global identifier that corresponds to the selected user, and by generating a first 
correlation between the first user identity and the global identifier and a second correlation 
between the second user identity and the global identifier. 

28. (Unchanged) A program product comprising: 

(A) a directory service that contains a plurality of user identity mappings that correlate a 
first user identity in a first user registry to a second user identity in a second user registry, and 
that references the first and second user registries; and 

(B) schema for the directory service that specifies relationships between a plurality of 
entries in the directory service, where at least one entry includes the user identity mappings; and 

(C) computer-readable signal bearing media bearing the directory service and the schema. 

29. (Unchanged) The program product of claim 28 wherein the signal bearing media 
comprises recordable media. 

30. (Unchanged) The program product of claim 28 wherein the signal bearing media 
comprises transmission media. 

3 1 . (Unchanged) The program product of claim 28 wherein the first user registry comprises 
a user registry in a first processing environment. 
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32. (Unchanged) The program product of claim 3 1 wherein the second user registry 
comprises a user registry in a second processing environment that is different than the first 
processing environment. 

33. (Unchanged) The program product of claim 28 wherein the directory service comprises 
Lightweight Directory Access Protocol (LDAP). 

34. (Unchanged) The program product of claim 28 wherein the plurality of user identity 
mappings each comprise a mapping between the first user identity and a global identifier that 
corresponds to the selected user, and a mapping between the global identifier and the second user 
identity. 

35. (New) The apparatus of claim 1 1 . wherein the first correlation is a source relationship 
and wherein the second correlation is a targe t relationship. 
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